Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/kffBaxywGchLu3qLEd4ePAoWWL8.roa
File: kffBaxywGchLu3qLEd4ePAoWWL8.roa (raw, json)
Hash identifier: vbJYptlHaaUgMxvZlvm9K5+Se7d5Pn9rxLW77U1QYus=
Subject key identifier: 91:F7:C1:6B:1C:B0:19:C8:4B:BB:7A:8B:11:DE:1E:3C:0A:16:58:BF
Certificate issuer: /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial: 01856D8AC17531D5B406F116BFC1EB7C80EA
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/kffBaxywGchLu3qLEd4ePAoWWL8.roa
Signing time: Sun 01 Jan 2023 13:34:48 +0000
ROA not before: Sun 01 Jan 2023 13:34:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43618
IP address blocks: 134.255.241.0/24 maxlen: 24
185.161.186.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 13 Dec 2023 10:27:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:c1:75:31:d5:b4:06:f1:16:bf:c1:eb:7c:80:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Validity
Not Before: Jan 1 13:34:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91f7c16b1cb019c84bbb7a8b11de1e3c0a1658bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:8a:f1:23:da:87:91:a7:da:3b:8b:2f:42:33:
ec:5b:11:8b:61:50:92:49:64:8e:f8:59:f2:b7:74:
a0:8d:56:a3:96:d8:e3:c7:7b:72:bf:73:c8:11:33:
64:08:fe:c5:ec:40:95:25:25:15:1a:37:ea:8b:0c:
88:5f:55:91:06:c9:b8:31:b4:c7:58:fc:71:6f:2a:
56:e0:03:da:19:07:8f:4c:c7:73:b3:2c:50:e6:ea:
65:ba:6d:94:fc:a7:37:6f:6f:af:01:91:f9:31:d8:
cf:80:86:ab:2f:90:ab:86:1e:41:b0:ef:7e:09:44:
be:98:98:a2:0c:99:70:07:f1:c4:d5:4b:cf:e2:1b:
d1:2a:cc:b2:54:f5:be:65:b7:61:3c:e0:e6:a8:ce:
c7:85:40:e2:df:93:09:cf:e7:ba:a5:f4:37:ee:74:
7b:8d:f8:48:e5:aa:77:1a:ee:ab:e0:81:7d:97:ed:
eb:be:ea:9d:06:eb:b9:05:2c:1f:2c:e1:d5:4d:50:
0d:dc:cb:dc:cd:23:3f:3f:92:3e:2b:2c:e6:5c:5c:
b2:8a:b2:b0:e3:04:46:38:d7:c7:b3:05:cb:93:49:
31:82:1d:e7:93:57:35:6d:71:a8:3d:e7:ab:f0:8d:
d5:57:9e:04:d0:26:9e:a4:7d:b5:7a:7a:4c:84:4b:
e2:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:F7:C1:6B:1C:B0:19:C8:4B:BB:7A:8B:11:DE:1E:3C:0A:16:58:BF
X509v3 Authority Key Identifier:
keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/kffBaxywGchLu3qLEd4ePAoWWL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.255.241.0/24
185.161.186.0/23
Signature Algorithm: sha256WithRSAEncryption
26:3c:91:e2:c2:23:21:ac:f2:c2:72:d3:4f:26:56:39:60:c9:
31:8f:2c:a5:e3:b6:08:0f:3e:80:75:65:5b:ab:0e:96:a9:84:
3c:da:41:ff:1e:43:14:d5:b7:e5:11:70:7e:c7:54:44:64:23:
f5:8d:f4:fc:a4:8e:eb:b9:a5:58:17:10:a6:18:8c:7e:7d:31:
b0:46:4b:2a:d9:28:57:1f:ea:98:b1:f6:46:b9:b7:c7:de:3a:
b7:5b:30:d5:86:85:d3:f7:fb:e4:32:a4:83:7b:03:bb:70:1c:
38:5f:e3:67:0d:f0:8e:68:1a:fd:75:f1:4e:f0:ea:76:9b:a0:
ff:01:f3:04:61:f4:4a:38:c0:8a:66:92:27:2e:0a:ba:59:32:
30:86:8a:97:8b:73:f5:61:05:77:b9:c8:9d:d8:f5:80:b0:b5:
d2:0a:af:2f:e8:81:82:0d:96:55:c3:04:39:e1:52:c8:70:a6:
f1:c4:eb:39:30:70:07:7f:15:9b:1b:0b:f6:97:3f:17:e5:4c:
f7:57:5b:ed:8f:6c:90:3d:0a:6e:05:61:c3:38:4e:9d:45:01:
3e:2f:05:95:fc:21:04:72:4b:60:74:3b:d9:ea:bd:d4:e5:b7:
81:90:c3:ce:03:71:f7:b6:4b:27:35:49:18:b8:ba:7d:aa:d0:
f5:4a:1a:9a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtisF1MdW0BvEWv8HrfIDqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw
ZWY5MDMwHhcNMjMwMTAxMTMzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWY3YzE2YjFjYjAxOWM4NGJiYjdhOGIxMWRlMWUzYzBhMTY1OGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4rxI9qHkafaO4svQjPsWxGLYVCS
SWSO+Fnyt3SgjVajltjjx3tyv3PIETNkCP7F7ECVJSUVGjfqiwyIX1WRBsm4MbTH
WPxxbypW4APaGQePTMdzsyxQ5uplum2U/Kc3b2+vAZH5MdjPgIarL5Crhh5BsO9+
CUS+mJiiDJlwB/HE1UvP4hvRKsyyVPW+ZbdhPODmqM7HhUDi35MJz+e6pfQ37nR7
jfhI5ap3Gu6r4IF9l+3rvuqdBuu5BSwfLOHVTVAN3MvczSM/P5I+KyzmXFyyirKw
4wRGONfHswXLk0kxgh3nk1c1bXGoPeer8I3VV54E0CaepH21enpMhEvidwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJH3wWscsBnIS7t6ixHeHjwKFli/MB8GA1UdIwQY
MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt
ZmRmNjYzOGQyYzA0LzEva2ZmQmF4eXdHY2hMdTNxTEVkNGVQQW9XV0w4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0
LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAhv/xAwQB
uaG6MA0GCSqGSIb3DQEBCwUAA4IBAQAmPJHiwiMhrPLCctNPJlY5YMkxjyyl47YI
Dz6AdWVbqw6WqYQ82kH/HkMU1bflEXB+x1REZCP1jfT8pI7ruaVYFxCmGIx+fTGw
Rksq2ShXH+qYsfZGubfH3jq3WzDVhoXT9/vkMqSDewO7cBw4X+NnDfCOaBr9dfFO
8Op2m6D/AfMEYfRKOMCKZpInLgq6WTIwhoqXi3P1YQV3ucid2PWAsLXSCq8v6IGC
DZZVwwQ54VLIcKbxxOs5MHAHfxWbGwv2lz8X5Uz3V1vtj2yQPQpuBWHDOE6dRQE+
LwWV/CEEcktgdDvZ6r3U5beBkMPOA3H3tksnNUkYuLp9qtD1Shqa
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:54 2024 by rpki-client on console-ams.rpki-client.org